Associate Security Engineer
Ohio - Columbus /
Operations – 824-G&A Security Ops /
At Veeva, we build enterprise cloud technology that powers the biggest names in the pharmaceutical, biotech, consumer goods, chemical & cosmetics industries. Our customers make vaccines, life-saving medicines, and life-enhancing products that make a difference in everyday lives. Our technology has transformed these industries; enabling them to get critical products and services to market faster. Our core values, Do the Right Thing, Customer Success, Employee Success, and Speed, guide us as we make our customers more efficient and effective in everything they do.
As the Associate Security Engineer, you will focus on the evaluation, architecture, development, deployment, and operation of incident response, security monitoring, intrusion prevention, systems hardening, and vulnerability and malware prevention. We frequently work with other teams at Veeva, and look externally to partner with unique and innovative security companies.
What You'll Do
- Design, build and maintain endpoint security, vulnerability analysis, incident response, security event management, security policy enforcement.
- Design, build and maintain network security including network/firewall access control policies, runtime application self-protection, web application firewall, intrusion prevention, malware detection
- Build complete security solutions by integrating off-the-shelf and custom security tools through APIs and custom code
- Lead Incident response, from discovery, through containment, response through to reporting.
- Bachelor’s degree or higher in relevant field
- Understanding of the TCP/IP Stack, Web-Application Architecture, Encryption fundamentals & OWASP Top 10
- Expertise with Host operating systems (Linux, Windows, Mac)
- Experience with Python/Perl or other scripting languages for automation
- Strong written and verbal communication skills
- Able to take ownership and set direction in gray areas
- A burning desire to grow in both engineering and security expertise
Nice to Have
- Experience with vulnerability assessment of Linux/Windows/Mac operating systems and determining contextual risk to Veeva
- Experience in Log Management, Security Event Correlation and any SIEM technology
- Expertise in Incident Response technologies and Signature Development & analysis of false positive alerts
- Experience in web application assessment tools such as Burp Proxy, Metasploit, Nessus, etc.
- Experience with AWS security design and tools
- Experience with log analytics and writing security alert queries
- Experience with systems administration (RHEL7, Windows Server)
- Experience in Web-Application & Network penetration testing
- Desire to identify and implement automation opportunities
- Able to work independently or with a team
- Able to multi-task and deliver consistently on deadlines
- OSCP certification, CISSP certification.
Perks & Benefits
- Flexible PTO
- Allocations for continuous learning & development
- Health & wellness programs
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances.